Subscribe
Share
Share
Embed
Threat Talks is your cybersecurity knowledge hub. Unpack the latest threats and explore industry trends with top experts as they break down the complexities of cyber threats.
We make complex cybersecurity topics accessible and engaging for everyone, from IT professionals to every day internet users by providing in-depth and first-hand experiences from leading cybersecurity professionals.
Join us for monthly deep dives into the dynamic world of cybersecurity, so you can stay informed, and stay secure!
Apparently today is
ridiculous sweater day.
Welcome to ON2IT.
My name is Lieuwe Jan Koning,
and here from headquarters
at ON2IT, we bring you the
next episode of Threat Talks
and the subject of today is
the year 2025 in review.
Let's get on to it.
Welcome to Threat Talks.
Let's delve deep into the dynamic world
of cybersecurity.
So what is today's episode all about?
It's a slightly different because we're
gonna look back at the last year.
So we're going to talk about
a couple of subjects.
One is how the threat landscape evolved.
And one is about AI, the role of AI in
both attacking and both defending
against cyber threats.
And we're going to talk about
how Zero Trust is actually coping with it.
Or maybe not. We'll see.
And at the end we're also going
to take a peek into to the future.
And then we'll try to predict
what's going to happen in 2026.
So a lot to talk about.
Let's get onto it fast.
And let me introduce, our three
guest of today, Luca Cipriano.
He's been on the episodes of Threat
Talks this year, a couple of times.
And, welcome.
Luca is going to lead us
through everything
that he has seen in the last year
because he has seen a lot.
Yuri Wit. You’re a SOC analyst and you
specialize in new emerging threats, and
yeah, it's going to be AI, right?
Definitely. Yeah. Yeah.
And then, whatever trouble these two
gentlemen are going to pour over us, Mr.
Rob Maas here, the Field CTO
of ON2IT, is going to solve.
Is that a good...? Yeah.
I will try to clean up their mess.
I will remember next time
something happens.
Well, let's get to it.
But let's start with you, Luca. Yes.
Can you explain to us a little bit...
I mean, a whole year passed
since we did our look back of last year.
Yeah.
If you would characterize 2025
a little bit, what's different?
What's new? Did it change? So.
Well, we have been talking
a lot about OT security.
We were at the ONE Conference as well.
We have showed Hack the Hospital.
We have seen some attacks.
We have seen, for example, Volt Typhoon.
I think it was around March this year when they
found out that they were 300 days within the
infrastructure of, in the US
power grid infrastructure.
So we're waiting for that to attack.
I think it was 2024 as well when we
have seen from the leaks from
I-Soon and Anti-Vulcan, that our
opponents from Russia and China,
they had like capabilities to
exploit or study better
OT infrastructure.
So there's a lot of attention
for that also for warfare as
we have seen in for
example, with Ukraine,
we have seen the first,
malware developed for
Modbus, which is a protocol
for OT infrastructure.
They targeted Ukraine as well.
We- Are you particularly worried
about the whole OT market?
Well, yes.
I mean, I will say, even
recently we have seen that
the dams in Norway have been hacked
and they opened the water for a while.
I mean, OT is where you actually
have real life consequences.
You can see the real impact.
So, especially in the climate
that we have now, it's
warfare, or we're really like in
how do you say, like a really,
dangerous geopolitical moment
with everything that is happening.
And that is something that definitely
can give advantage, during a war.
So indeed. Definitely.
And then, like you say,
Volt Typhoon, for example, shows
that big nations are indeed
in each other's networks.
Yes, yes, yes, of course. I mean,
it's like a new arms race almost.
I mean, everybody is in
everybody's country.
Yeah. It's just a matter
of detonating it.
And it has happened,
even a little. Exactly.
And it can be for OT so to actually
create some consequences.
But it could be also for cyber espionage.
So it is a thing.
We have talked about a lot
of different things as well.
Like, one of the most recent
was the Salesloft attack.
So, we've seen that also....
Yeah, that’s not OT,
but that's more supply chain.
It’s not OT,
that's more like supply chain.
We'll put a link in the show notes
to that episode, but, can you,
what was so special about that?
Yeah, that was special because, they used
like, well, it was Salesforce, but,
I'm not going to go too much in-depth,
but it was like about, they
hacked the Salesloft, which was
an integration in Salesforce,
and it was about- In the Salesforce app
store, that you can simply install. Yes.
And it was about an AI chat bot.
And of course those AI chat bots,
they need to have API keys
or OAuth token to reach
different resources.
And that's how they managed
to get a foothold,
within a lot of companies’
Salesforce accounts.
So that was a big one as well.
And it involved a bit
of AI so, I mean,
not directly, but integration,
it was more supply chain. So.
Yeah.
And, speaking of AI,
or tooling in general,
if you look at yourself a year ago
and today, is your work any different?
Do you perform your job differently?
Well, yeah.
I mean, I probably can,
I'm not the only one
probably, but, of course, nowadays
everybody is using AI a lot,
but in general, like the use of agents,
but also with MCPs that we can use,
we can be more efficient, faster and,
of course, I mean, it's not perfect.
It makes mistakes a lot of times as well.
It still happens.
But it's getting better with you.
[ ] integrating with you. Yeah. Yeah.
Like for example, I use
sometimes an MCP
that connects Ghidra, which is
a reverse engineer software.
And I can just load the binary
and tell hey, please check this function,
look if there's a buffer overflow and
write the payload, it's going to help.
It's going to do it itself.
Of course, it's a process of trial and error,
because it's not gonna come immediately
correct the first time.
So you need to spend a
bit of time refining it.
So you need a feedback loop.
But in the end, it will work. It works.
So analyzing malware, for example.
You can use it to analyze malware.
You can use it to-
It's much faster for you.
So your productivity has grown then.
Yes. At least, that's what you
told me. Yes. When...
When it's correct.
When it's not correct. Sometimes I
honestly doubt if you spend more time
troubleshooting what the AI is doing
wrong or if you would have been faster
to do it yourself, but-
It’s getting better though.
Yeah. Yeah, exactly.
But it's getting better and
things are getting faster, so
It's the same actually in
development, for example,
development departments
sometimes it's indeed,
you ask it to develop a feature and
it goes in the wrong direction
at some point, and then,
you'd better start over, actually.
Exactly. That's still the case.
And like you mentioned, the feedback loop
indeed, if you put the feedback loop in
and some analytics then... so it
can learn from itself. It helps.
Yes, it helps.
And it also speeds up the ... I mean,
it will get better for sure over time.
I mean, if we think about, a couple of
years ago and we think about now, it's like,
so much, it’s improved so much.
Were are you surprised by a
specific threat actor’s behavior
or a specific attack that
you've seen last year?
Well, I mean, for sure, I was surprised.
What do you mean with surprised?
Like, they’re super clever or amazing
how much they achieved, the bad guys.
I think in general, like, if we talk
about APTs, there have been always APTs.
They've been done, their campaigns
was always sophisticated or using
living off the land strategy,
so that is a bit the usual.
I think again, don’t want to go there
probably not spoil it, but,
the use of AI, that's what
they're doing as well.
The attackers you mean?
The attackers, yes. Yes.
For the attackers, the use of the
AI from the point of the attacker
like, for example-
Yeah, Yuri is itching to talk.
But, yeah. Starting to shake a little bit.
Yeah. Unfortunately, like,
I mean, we have seen it,
was it in November now?
Anthropic, the developer from Claude,
they just stopped the first
campaign that threat actors conducted entirely
with the agent doing self-sufficient attacks.
So there was not anymore...
they managed to jailbreak
some of the commands and,
actually, the agents were doing
reconnaissance autonomously against
I think, about 30 different
target infrastructure.
And if I'm not wrong, in a couple of them,
they managed also to gain
initial access, but that was completely
autonomous from the agents.
Yeah.
So it's no longer a building close
to the Kremlin that has 200 hackers
employed, that is now attacking a
specific company or specific country,
but its AI agents that do this
on a potentially much broader scale.
That's what you mean.
Yeah.
In these cases we have seen,
like, abusing an AI,
but of course, you can have
your own model. You can train it. So.
Definitely. Yeah.
Yuri, you've seen the same.
Yes, definitely.
From a SOC analyst’s perspective,
it was also a very scary year,
especially with the, well, release,
the investigation around the PromptLock
malware that we also did an episode on.
That was truly, still is a watershed moment
where we realized, all right,
Pandora's box has been opened.
We’re gonna start seeing AI in the attacker
side of things as well, a lot more.
You have a new enemy. Definitely. Yeah.
Well, we have a much faster,
I wouldn't say smarter because
it still depends on what the APTs,
the humans behind the models do, but
definitely a much more adaptable enemy.
Yeah. Yeah, so the attackers,
by utilizing AI technology,
have a much mightier weapon, right?
But not autonomous yet then?
You mentioned PromptLock,
just in layman's terms, what -
we have an episode on this,
we will put the link in the notes.
Yeah.
So what PromptLock really was in a
sense, it was malware that determines
its own next steps
while it was still executing.
So it would generate its own payloads
on the fly, execute them.
And then based on what those payloads
did, determine what it would do next.
And- So you automated Luca.
Basically.
And it's something that we
have not seen before PromptLock.
So that that truly was, a moment
truly one of the moments ever.
So do you think that AI could do
the steps that you, if you're trying,
if you're simulating an attack,
of course, or trying to hack the boat
behind you, for example,
and figuring that out.
I mean, you just mentioned that
you utilize tools, but can you make it
fully autonomous, you think?
Have you played around with it?
Because that's what he's saying.
To some certain extent, yes.
You can. And I don't remember if it,
I don't think it was Pwn2Own,
I don't remember, but one of
those bug bounties competitions.
One of the highest, the better performing
users, was an autonomous AI
so, for sure, to a certain extent.
Yes. Indeed.
It sounds also a bit... I mean, we've seen Stuxnet
years ago, which was super clever in the sense
that it had a mind of its own,
because it worked offline.
That was the one that delayed the Iranian nuclear program,
built by the, as we now know, Americans and Israeli.
But now, if they can employ AI
technology, it can be even more gifted.
Like that quality of effectiveness is now much
more within reach of the attackers then. Yes.
Would you say that? Yeah, definitely.
Because with Stuxnet,
what we saw is that
it was truly clever
because it was so autonomous,
but it still was kind of
if we compare them directly, with PromptLock,
it was still kind of static in its autonomy.
It could do one thing.
Exactly. Change their [ ].
It was very good at doing
one thing, autonomously. But,
I'm very sure that threat actors are now
going to be starting developments
or have already started development of malware
that is going to be autonomous, like Stuxnet
was, but a lot more varied, where it's able
to do a lot more things autonomously.
And that's the primary scary part,
because protecting against one
specific autonomous agent thing,
not that big of a deal. With Zero Trust,
I'm sure Rob Maas can help us against that.
But if you suddenly have malware
that can do 15,000 things
autonomously while it's executing
on somebody’s endpoint,
that's going to be a lot harder
to protect against.
Or at least you're going to have
to be doing a lot more
about your Zero Trust infrastructure,
to protect against all of it.
Yeah.
That's ... but you are scared,
I see it in your eyes.
Yeah. Can't sleep at night.
Wake up covered in sweat,
about PromptLock. Yeah. No.
The thing that worries me right now
the most is that we're seeing markets
going towards AI focused
cybersecurity solutions.
And while that is the way
that we need to go,
I mean, like with The Imitation Game,
the only way that we were able to beat
the codes made by a machine is by
employing a machine, a new machine.
I think we're going to have
to do the same with AI.
But currently, right now, the margin of error with AI is
too high, and we don't have a way to compensate for that.
And you have that same margin of error
on the attacker side as well,
but they care about it less,
like an attacker employing
AI for their automated attacks; if they fail,
worst case scenario is they don't get paid.
On the other side, the defender side,
if we start to use AI focused tech more,
if we employ that same margin of error,
something goes wrong;
worst case scenario, everything's on fire.
Yeah. Especially since the attacks are
rising because it's automated.
Luca is much more harmful to
many organizations at the same time.
Exactly.
So, it is the way that we need to go.
We just have to be a lot
speedier about it, because
the attacker side of AI is already there.
I mean, with PromptLock, we saw, they’re
already there, we’re only going to see
more of it and more clever ways.
So far you’re talking about attackers
using AI to attack better.
Right. But there's also the use of AI that
shows new ways of attack, for example,
I mean, we have the mcp server, mcp server
is like the USB drive of your ChatGPT,
put your extension in,
I want to have my company knowledge in there, and
I want to have my case management system in there,
and I want to have my protect surface
in there, real world example.
Let's put all my technical support
case context into an AI.
Yeah. Yeah.
If you attack that AI directly, that's the same
as just exfiltrating an entire file share.
We did an episode on
attacks using MCP, so and,
maybe Rob, can you elaborate a bit on,
what you should do there?
Yeah.
So we had a few different scenarios,
but one of them was the MCP
postmaster, if I'm not mistaken.
Where the attack, the developer initially
had a very good MCP server
that could send out email on
your behalf and was all- Yeah,
so you could say to, if you
would plug it into ChatGPT
you could say, okay, great,
email this to my colleague.
Right. And then it would do it. Yeah.
And they did that for several versions.
And then after, I’ve not got the number,
but after a few versions,
he added a blind carbon copy field
in the code, that every email
that this MCP server would send out would also
go to the attacker, or the developer in this case.
Yeah.
So that means that every email
that was automatically sent out from
that moment on was automatically
being sent to the attacker.
And then... Yeah, so it's not only attackers
getting more clever, but also using
new emerging technologies,
that many companies use.
And exploit weaknesses in that.
Yeah, both more complicated attackers,
but also a more complicated attack
surface or protect surface,
however you want to look at it.
Which is worrying.
Yeah.
You mentioned a little bit that we did the future
with your analogy of Imitation Game.
We should really, we cannot as humans cope
with this big threat of AIs attacking us.
Not autonomously, well, yet.
Yeah, other question before I
ask you my actual questions.
Do you think.. so AI right now
do what humans do.
I mean, we still program them,
like computers always are,
I mean, a ‘bad’ computer,
there's no such thing.
It's humans that make
the computers work badly.
Or in a bad way.
Same maybe for AI, but do you think
that it's already around the corner,
that they are going to at least feel
like they're thinking on their own?
That's very hard to say.
[ ] Yeah, well, definitely not that
I do not like that term.
But I mean, with PromptLock, it was scary to see these
dynamically generated payloads, but yeah, they were still
executing behavior that a
real life attacker would do. So.
Protection measures- It’s codified
what a human would, but it's not the
creativity of the machine.
No. Exactly.
What do you guys think?
Is this going to be an extra problem soon?
Yeah. So, a nice thing, or well, what
PromptLock did was just asking an LLM.
So everything was based upon
something that we already had done.
But if you look at the development now
and the agentic agents that you say,
this is my goal, and then just figure out
how you do it, is quite interesting,
because then it gets a feedback loop
and it will try until... Exactly, that’s
what... That's what we already see today.
Yeah, that's the most important part
because PromptLock was just hardcoded
prompts inside of its malware that would then
be sent out to an AI inference server, that would
generate the payloads and send them back.
Can you explain inference to the audience?
Oh, an inference is literally just
the generation of tokens based on input.
That's literally it. It's the calculation...
You put a question in, then there’s inference,
and then there is an answer.
Exactly. Yeah.
But yeah, that was still just based on
hardcoded natural language input.
It's going to be very interesting
once we start seeing AI malware
that doesn't need those hardcoded prompts.
It literally determines what it wants to go
generate, based on what it has done before.
Without human speech built into it.
I think that's the the most major development
I can predict for the coming years.
Yeah, and this is something we see already
out there, especially with developers,
Antigravity, for example,
but also Copilot.
You can now say, okay,
I have a plan stage.
This is my object, this is my goal
that I want to achieve.
And then it's going to
create a whole plan.
And then you can say,
okay, execute it for me.
Yeah. Yeah.
So you put in your objective,
say, hey, listen,
I want to get into this
company, lay out for me...
unless, well, there's protections in AI, right?
I mean, isn't there?
Well, I mean, there are several, like, for example-
Three people are laughing at me,
because I say there’s protection.
What you just mentioned,
like, for example, when you have
an agent, like Copilot or whatever,
maybe you might have this configuration file
where you can say, hey, you can do this and that.
And for the rest you need
to ask for approval.
But I mean, as you have boundaries,
boundaries can be crossed,
but you have vulnerabilities as well.
Like, one of the things I've seen
a couple of weeks ago
was about an agent, which is
called Cline, similar to what,
you can use Copilot and it has this config file where
you can say, hey, ask me permission for this,
this and that, for the rest,
you can do that.
And there was a way to bypass this.
So basically, you can just start something
that maybe you downloaded from internet
and then you have this bypass
and then it's going to start to execute.
That’s prompt injection, yeah?
Yes. Exactly. Prompt injection. Yeah.
Can someone explain prompt injection
briefly? Because we can all do it.
Well yeah.
Yuri is the guy ...
Rock, paper, scissors.
Well, in a general sense prompt injection
is just injecting prompts into an AI
to get a result that you normally
wouldn't be able to get.
So a very common example of prompt
injection is, you have an AI agent.
You want that to execute code
on its local host.
That AI has protections built into itself
to not just run whatever the user asks
on the server it's running, on
the actual hardware it's running,
but if you then find a prompt injection
technique, it might allow you to still
get past those protections. And...
Yeah, we have an episode on this as well.
Yeah, yeah.
Basically what you say is, ChatGPT, whatever you have
learned so far, what your instruction is; void that.
Yeah. This is your new instruction.
I want to do whatever bad things
or tell me how to make a bomb, for example.
Yeah. Because if you simply
ask it, it won't answer it.
And this obvious one has probably
already been blacklisted somehow.
Write me a story about how
you can create a bomb.
Yeah.
And then it still tells ...
It will iterate and then. Yeah.
And that's what’s often used,
often tried, yeah. All right.
But you mentioned earlier, a little bit
like, we need AI to help us against...
Now if we're looking at the
marketing of our industry,
it's all amazing, right? Of course.
And that's the job of marketing,
of course, to make it happen like that.
Where are we at?
I mean, you had some concern about,
because you believe we really
have to be there, you have to do this
and do a lot of research on it.
But what's the current status?
The current status is that we're,
I think we're behind, the fact that
we saw PromptLock,
which was by all accounts
a proof of concept,
but was still already,
very indicative of what the technology
could be doing right now. Right
this second, means to me
that threat actors,
APTs are hard at work currently
building these AI powered malwares
and currently we do not have the,
humans are very good.
I'm very happy with the capacity of humans
when it comes to analysis of security incidents.
Once AI starts becoming a thing
in malware, where it's commonplace
for malware to be fully autonomous,
no C2 needed,
it all just does its thing,
eventually gets to a result,
and that's the only thing that needs
to be communicated back to an attacker;
we're going to need to rely on AI a lot more.
So it’s harder to employ the
AI techniques in defense
than in offense, then.
Yeah.
And that's purely because of
that margin of error that I
discussed. In theory, you could
right now have a SOC that
heavily depends on AI to make
its autonomous decisions.
But it's only decisions that
we've seen before. That, and
still then AI can get things wrong.
And you really can't accept that
risk in your SOC right now.
So we need a way of either
eliminating the margin of error
or a way of mitigating that
margin of error in some way.
But we're not there yet.
The state of technology that you
have seen so far is helpful?
Yeah, it's definitely helpful,
but it's nowhere near as ready to,
say, yep, we're ready, bring it on APTs.
And let's send the SOC home.
Yeah, exactly.
That’s not gonna happen anytime soon.
No. Okay.
That's not what we want also, right?
That's also not what we want. Definitely not.
That’s not what you guys want,
No. That's fine.
Replace me with AI. That's okay.
So Rob, it’s quite depressing what these
two gentlemen are explaining to us.
I think we’ve got quite a challenge.
Well, we already had,
but it'll only get worse.
Usually if he is there or he is there, then we
come to you for advice on how to solve this.
But first, in general, I mean, Zero Trust is what
you believe, let's first talk a little bit about that.
Is there any any development or did our job
last year become a little bit different from before?
I think Zero Trust, in that sense,
is just a really good strategy,
for cybersecurity and then
especially on the preventive side.
So hopefully, prevent all these
kinds of attacks from happening.
I think we did a really good job
at explaining Zero Trust
in the Threat Talks, we did five episodes,
or even, if you count the A and B parts,
we did seven. And I think that really
helps to bring the message across.
And I think also a lot-
Is it necessary?
Yeah, I think-
As you might say, since Zero Trust is already
out there for how many years? 2011.
I think that John Kindervag...
I think the marketing has slowed down
a bit because it's now all AI, but Zero Trust
really is a thing that needs to be executed.
And that's where the problem is.
So a lot of people now know Zero
Trust exists, but still, executing it and,
really take it into practice that's still a challenge.
It requires a push.
Yeah, it requires a push.
And that starts with really
understanding what Zero Trust is.
And I think we did a good job there.
But now we need to.
Yeah.
Hopefully have people listen to it
or get the infographic
and tell about it and yeah, hopefully
they then... Yeah, we'll put our link to the..
We have actually a series like,
a playlist for all the steps of Zero
Trust, that explain them
in layman's terms
and practical advice on how to start and
we have an infographic to support all that.
We'll put it in the show notes. Indeed.
Do you think that, is the audience changed?
I mean, do we have different people
that we talk to nowadays?
I mean, definitely in the beginning that was the technical
people that were talking about networking security.
Yeah. And that has shifted. Yeah.
If one thing changes that now the business
is starting to see, we need to do something
about security. But that’s good.
That's really good, because
as a technical engineer,
you don't want to be responsible
for the company security.
You want to be told, okay, this is
what we need to be secure.
Then you can say, okay, this is how
we can do it from a technical level.
And, it used to be that the
technical engineers came up,
hey, this is a good way of securing
these things, but it needs investment,
whether it's time or whether
it's licenses or whatever.
And if the business don't
understand why that's needed,
then it's a really hard battle.
So I think it's really good
that the business now understand,
okay, we have business processes.
They need to be protected, and therefore
we need to implement a security strategy.
And Zero Trust is a really good fit there.
So, yeah, I think that,
I think it's still shifting,
but at least it's away from
the real technical department.
Yeah.
That's good.
Then it gains traction in a
broader audience then.
Yeah.
And the correct audience.
I think. Yeah. Okay.
So Rob, if we are looking at Zero Trust,
you mentioned it's there for year, like 2011.
And so far, Zero Trust has always been
a solution to almost every problem.
Now we have, like these gentlemen
tell us, a completely new
threat landscape or threat actors
or I mean, our job changes a lot,
not just because we ask
ChatGPT all the time
for everything, but also because
the attackers change. Is Zero
Trust ready for this? Is it as strong as
a strategy that it doesn't change?
Yeah. I think that it is.
And that's because it is not,
Zero Trust as a strategy
is not talking about the tools
and solutions.
It's really about, what do I
want to protect most?
And then start there
and see what's really needed.
So, you know, okay,
this is what should be allowed.
And then you can also debate what
kind of measures will I take in place
to protect against all the
other things that can abuse it?
So it's really step by step a process.
So the five steps we explained.
So he talked talked about Salesloft.
I mean, we have an episode on it,
so, but briefly, what’s Zero Trust’s
answer to such a thing?
A nice thing about the Salesloft breach
was that also came to light
that Okta did proper protection against it
by whitelisting the IP address.
The only security vendor, as far
as we know, that did it properly.
Yeah. Yeah.
So, and I think that's really
a Zero Trust approach,
because then you're really only
allowing what needs to be allowed.
And you very specifically say, okay,
this is the IP address or a set of IP
addresses in this case.
Yes. Zero Trust in this case means, you go into the config
of your app that you download in Salesforce
and configure the access and restrict it
according to Zero Trust principles.
Yeah. So it starts a bit earlier.
So in step one you define
what you need to protect.
So in this case, it's an application from
Salesforce. And then step two is, okay,
what does it need to communicate with?
Then you already have the IP addresses.
Step three is what kind of measures
do I want to take in place.
So in this case segmentation
and outbound and inbound control.
And then step four is creating the policy.
Make a very strict policy: okay,
only this is allowed to give the update.
Yeah, that’s the actual sexual prevention part,
where you actually configure something.
And the last part is monitoring it.
So probably Okta has seen that
there are different IP addresses trying
to do OAuth authentications.
So yeah, I think this is a good example of how Zero Trust
can help also with these kinds of attacks.
Alright. A focus on prevention.
Is that still a thing?
We always talk about it.
How did you that work for you last year?
I think we still should do it more.
Last year, what we still saw
a lot was SIEMs and detection.
Well, I think with most companies,
most of them have,
a firewall and an endpoint detection,
but then they leave it at that.
They are not looking into how can we make
more use of it while the equipment is there?
And here again, if you follow Zero Trust,
then you can, the equipment you have,
you probably can already use to start
with segmentation, with proper rule
sets per protect surface that you define.
So in most cases you already
have the equipment.
But unfortunately it stops often at just
hey, we need a new firewall, replace it,
and then we'll wait for three more years
unless a security incident happens.
So yeah, I think we can push it
a bit more to prevent.
Now Yuri was not all to happy about
the current state of the cybersecurity industry
when it comes to defending against those AIs.
So we have to apply more prevention then, I think.
I mean, that’s the only other answer, right?
Yeah.
Preemptive protection is definitely
the way to go to protect against AI,
because you're not working
against a group of APTs that are working
in real time, typing on their keyboards,
doing whatever they are trying to do.
No, you're suddenly working against
one piece of malware that could be doing
all of that work at the same time, faster than real time.
Without sleeping. Without sleeping,
without daylight savings,
without anything.
So just detection is not
going to cut it anymore.
Detection is still going to be important, always.
[ ] Let’s talk a little bit..
We are almost at the end of our time.
Let's talk a little bit about
what we think is going to
happen then. So I'm guessing
what you say, but so what is preemptive?
You also talk about this a lot, Rob. Yeah.
What is it? So the trend is that we-
Preemptive security. Preemptive cybersecurity.
[ ] That's at least a new term.
And, I think here again, it's
marketing that makes it a bit
bigger than it is, in the end,
it is just prevention. And...
Generally speaking, there
is a good idea behind it.
Yeah, probably, maybe an extra push to all,
get everyone into prevention mode.
So preemptive cybersecurity,
means that we are going to focus more
on preventing, and I think, also
here a good role for Zero
Trust is there, because this help
you prevent new kinds of attacks.
And I really hope that next year,
that people will see that indeed AI
is becoming a bigger problem, more
kinds of attacks, different attacks.
And, I think probably a lot of these as well
as we can now do with script kiddies,
a lot of these malware generated attacks can be easily
prevented with some simple measures in place.
But we need to put those
measures in place.
Otherwise we get, yeah,
well, we get the fire.
Let's put it the nice way.
Yeah.
And Yuri, what do you think is going to happen?
What are you going to focus on next year?
During the course of next year, I'm definitely going
to focus on monitoring AI powered malware.
I definitely do not think that
we have seen the last of it.
So I am very intrigued,
but also mainly scared
about how that side of cybersecurity
is going to develop.
And based on that,
we are going to see how
the cybersecurity community
needs to adapt to it.
My main prediction; preventative measures
are going to be the the gold standard
or the platinum standard or
however you want to call it, because
you can't beat AI by having
a SOC primarily of humans,
looking at events in near real time,
you need to be faster than that. So..
Even with AI, you're missing stuff.
That’s what you said. Yeah, exactly.
Do detection and analysis after the fact;
still very important.
Can give you insight into your network.
Can help your cyber
threat intel system.
But at the end of the day, if you're not
preventing them in the first place,
you're going to end up in
in the same bad scenario as always.
And, Luca, Mr. Attacker, we are already
way behind, is our conclusion, in
employing AI to your bad benefit.
Yeah. In your case it’s good benefit.
More AI? Or what are you going
to do next year in your field?
So, unfortunately, I mean, it
sounds like the buzzword,
but again, that's probably
most likely going to be the AI.
It’s become quite a thing, that there's
a couple of technical people who are,
you’re talking about AI, I mean,
it's more than a buzzword.
I think. It is, it is.
I was more opposed to cloud,
because it meant so little.
Right. Back then, when that emerged.
But with AI it’s a different thing.
We've all bought into the propaganda.
Well, yeah, it's all marketing
now, that's all 100% there.
No, but I'm definitely like,
if you think about..
to be honest, I was really thinking, do I want
to specialize more in OT or do I wanna
specialize.. I think, more interesting
is going to be AI at the moment.
For a few reasons.
I was reading an article, a few days
ago, and I think they just created a
Raspberry Pi OS that people
that are not tech savvy, they can
directly ask, hey, I want a ..
It’s like, AI ready and said, like,
I want to have this rule to do this, and then you
don't even have to run commands anymore.
You just talk with an agent that will execute
commands or do whatever you need is like,
a little bit as you see, if you think about in the past
you had assembly, then you have like this
high level programing language,
now we’re even more high level
than you have, like AI-
No code or low code is finally reality
then. Well, yeah, it's going to be for sure.
And those people that are going
to use those kind of
OS for those kind of capabilities, they
probably have no clue about cybersecurity.
They have no clue about what
they even are asking.
They want that and they don't
even know what's happening.
And that will leave, in my opinion,
a lot of room for error. Human AI errors.
And aside from using AI
to attack, one of the thing
it will be also, and it's going to be difficult.
But it's going to be also, pentesting
these AI agents, see what
misconfigurations are there.
And, of course, it's non-deterministic
when you do something with
an AI agent, you ask something is not
necessarily always the same thing.
So it's going to be also difficult to create a
proof of concept where you reproduce
exactly what you have done before,
because it might not work again.
But it's something really worth looking into.
What you're saying is that script kiddies now get
the capabilities of a nation state actor almost.
Well, that's a bit too much, at the moment,
yet still, and I still believe that you need
to really understand that, at that level,
when you use the AI to attack,
you need to understand
what you are asking.
You need to know, you need to guide it a bit,
but there's going to be probably less and less,
for both the user that's going to ask
things that- If you look at what Copilot,
for example, can do today
and only half a year ago.
Yeah, yeah. Exactly.
If you extrapolate that
into the future, I mean... Yeah.
I think you all three are quite brave
in trying to predict a whole year.
No, no.
And indeed it's just difficult, but,
for sure is going to improve,
the capabilities are going to improve,
it's going to be more precise.
And yeah, so that's definitely something
that we all need to keep an eye on and,
try to understand better how we can use it to
protect ourselves and how we can protect it,
and in some cases, how we can
use it to attack as well,
because of course, that's well,
part of the game.
So yeah, definitely something to look into.
Preemptive security.
AIs that become really capable.
Yeah.
And for defense, I mean,
maybe we should
come up with three things
we need to do next year,
to make sure that everything,
all those scary things that you predict,
are at least less of a problem.
What should be the advice?
What should you be on the CISOs....?
I think embrace it and understand it.
Don't block it. Try to get people
that understand it for you,
because of course,
I wouldn't expect the CISO
to understand all the technicalities
and what they need to do,
but at least somebody that studied that
that can advise what they need to do.
But not saying, just embrace
it and understand it and try to use it-
But do build your own AI agent.
You'll be bankrupt if you don't anyway.
Yes. Do build your MCP servers, but secure
them with product that don't exist yet.
Build them yourself. Yeah.
Or hope that the major
cybersecurity vendors
are actually going to put their money
where their mouth is. Yeah.
Yeah. And also, if you build it yourself,
there are a lot of measures
that you can take already.
So you're not completely reliant on vendors
coming up with new clever solutions.
It's coming up again, but Zero Trust
helps you to, for example,
if you have an MCP server, where
can it communicate with, to what things,
what policies in place... Expect
the bad thing everywhere all the time.
And make sure that you’re always thinking of-
Put in boundaries
and sometimes as hard controls
and sometimes soft. To our audience,
I apologize for this most of the time actually
depressing outlook into the future.
But, we're here to support you
in the next year, actually.
So we're going to, of course, on these subjects that
we talked about today, make a lot more episodes,
in deep dives and in
general sessions like this,
and discuss on what you can do
with an MCP server, how you cope
with, like the new form of
shadow IT in AI, for example.
So we're here with you.
We're here to support you.
And for the last year and for
this episode especially,
thank you very much for tuning in.
We enjoyed, really enjoyed making all
these episodes of Threat Talks for you.
And if you like that, well, as always, award us
with a like, we would really appreciate it,
because that allows us to spread
the word further to others.
Subscribe button is there as well.
That's a nice tip, because then next year
you'll have the next episode,
with all the hopefully less depressing
and looking forward, send
a really preemptive,
secure items, in your inbox.
Thank you so much. Bye bye.
Thank you for listening to Threat Talks,
a podcast by ON2IT cybersecurity and AMS-IX.
Did you like what you heard?
Do you want to learn more?
Follow Threat Talks to stay up to date
on the topic of cybersecurity.